Senior executives must be ready to tackle the legal and business risks associated with cyberthreats — even before they happen.

This means companies must establish enterprise-wide tactics to identify risks, appraise response metrics and apply company-specific risk mitigation strategies, according to the “2017 Data Security Incident Response Report,” from BakerHostetler. The study analyzed more than 450 cyber incidents that the firm handled last year.

“It’s no longer a question of which industries are most at risk. All industries are faced with the task of managing dynamic data security risks,” said Theodore Kobus, leader of the privacy and data protection team. “Even companies in the retail, restaurant and hospitality industries, while highly…